package com.lagou.edu.interceptor;


import com.lagou.edu.annotations.Security;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 自定义springmvc拦截器
 */
public class MyIntercepter01 implements HandlerInterceptor {


    /**
     * 会在handler方法业务逻辑执行之前执行
     * 往往在这里完成权限校验工作
     * @param request
     * @param response
     * @param handler
     * @return  返回值boolean代表是否放行，true代表放行，false代表中止
     * @throws Exception
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        boolean isAccess = false;boolean isControllerAccess = false;
        String username = request.getParameter("name");
        System.out.println("请求参数："+username);
        HandlerMethod method = (HandlerMethod)handler;
        if(method.getMethod().isAnnotationPresent(Security.class)){
            Security security = method.getMethodAnnotation(Security.class);
            Security parentSecurity = method.getBeanType().getAnnotation(Security.class);
            if(parentSecurity != null){//有该注解，则校验
                String[] names = parentSecurity.value();
                for(String name : names){
                    if(name.equals(username)){
                        isControllerAccess = Boolean.TRUE;
                    }
                    System.out.println("Controller配置用户参数："+name);
                }
            }
            if(security != null){//有该注解，则校验
                String[] names = security.value();
                for(String name : names){
                    if(name.equals(username)){
                        isAccess = Boolean.TRUE;
                    }
                    System.out.println("Method配置用户参数："+name);
                }
            }
        }
        if(Boolean.FALSE.equals(isControllerAccess)){
            System.out.println("该用户没有权限访问Controller");
            throw new Exception("该用户没有权限访问Controller");
        }
        if(Boolean.FALSE.equals(isAccess)){
            System.out.println("该用户没有权限访问Handler");
            throw new Exception("该用户没有权限访问Handler");
        }
        System.out.println("MyIntercepter01 preHandle......");
        return true;
    }


    /**
     * 会在handler方法业务逻辑执行之后尚未跳转页面时执行
     * @param request
     * @param response
     * @param handler
     * @param modelAndView  封装了视图和数据，此时尚未跳转页面呢，你可以在这里针对返回的数据和视图信息进行修改
     * @throws Exception
     */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        System.out.println("MyIntercepter01 postHandle......");
    }

    /**
     * 页面已经跳转渲染完毕之后执行
     * @param request
     * @param response
     * @param handler
     * @param ex  可以在这里捕获异常
     * @throws Exception
     */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        System.out.println("MyIntercepter01 afterCompletion......");
    }
}
